package com.woniuxy.goods.permissionAop;


import com.woniuxy.core.annotation.Permission;
import com.woniuxy.core.exception.PawnException;
import com.woniuxy.core.exception.PermissionException;
import com.woniuxy.core.util.ObjectCoverUtil;
import com.woniuxy.goods.client.AdminFeignClient;
import com.woniuxy.goods.dto.AdminRole;
import com.woniuxy.openfeign.util.Result;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import java.lang.reflect.Method;
import java.util.List;


@Aspect
public class PermissionAop {

    @Resource
    private AdminFeignClient adminClient;

    @Pointcut("@annotation(com.woniuxy.core.annotation.Permission)")
    public void pt(){
    }

    @Before("pt()")
    public void permissionAop(JoinPoint jp){
        //拿到token
        String token = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest().getHeader("token");
        if(!StringUtils.hasLength(token)) throw new PermissionException(401,"未认证");
        //根据Id查找账号拥有的角色
        Result result = adminClient.loadAllRoleByAccountId(token);
        if(result.getCode()!=200){
            throw  new PawnException(result.getCode(),result.getMessage());
        }
        Object data = result.getData();
        AdminRole adminRole = ObjectCoverUtil.castT(data, AdminRole.class);
        String role= adminRole.getRoleName();
        Result result1 = adminClient.findResourceByRoleId(adminRole.getRoleId());
        if(result1.getCode()!=200){
            throw  new PawnException(result.getCode(),result.getMessage());
        }
         List<String>resources=(List<String>) result1.getData();
        Method method = ((MethodSignature) jp.getSignature()).getMethod();
        if(method.isAnnotationPresent(Permission.class)){
            Permission permission = method.getAnnotation(Permission.class);
            String[] roles = permission.roles();
            String[] resources1 = permission.resources();
            boolean roleFlag=false;
            boolean resourceFlag=false;
            if(roles.length<1){
                roleFlag=true;
            } else {
                for (String s : roles) {
                if(s.equals(role)){
                 roleFlag=true;
                 break;
                }
                if(roleFlag) break;
                }
            }
            if(resources1.length<1) {
                resourceFlag=true;
            } else {
                if(resources!=null) {
                    for (String r : resources) {
                        for (String res : resources1) {
                            if (r.equals(res)) {
                                resourceFlag = true;
                                break;
                            }
                        }
                        if (resourceFlag) break;
                    }
                }
            }
            if(!(roleFlag&&resourceFlag)) throw  new PermissionException(403,"没有权限");
        }
    }



}
